FTC Appoints Cool Hacker as Chief Technologist
The Federal Trade Commission appointed Edward Felten as FTC's first Chief Technologist. This might mean the FTC is about to dive deeper into digital privacy issues facing consumers. There is a great deal to like about the accomplished computer scientist, hacker, and security researcher. He's taken on some big names with some pretty impressive hacks, despite attempts to intimidate him.
Felten is a former EFF board member and a Princeton professor of computer science and public affairs. He is also the founding Director of the Center for Information and Technology Policy at Princeton University.
Felten has a long history of hacking and taking on "The Man" such as the RIAA and Microsoft.
During United States vs. Microsoft, Felten was the lead computer science expert witness for the Department of Justice. Microsoft was accused of abusing monopoly power on its operating system and browser. If you aren't familiar with the case, Microsoft's attorney claimed it was impossible to remove the IE browser from Windows 98 without "impairing" the PC. Felten not only testified is was possible to remove IE from Windows without causing OS issues, but he also demonstrated 19 ways to access IE after it was rendered inaccessible by his team's tool.
Felten and his team defeated the Secure Digital Music Initiative (SDMI) watermarks. Yet when Felten was about to present a scientific paper explaining how, he was threatened with legal action. In 2001, Felten and the EFF sued the RIAA and the (SDMI) in a case that challenged the constitutionality of the Digital Millennium Copyright Act (DMCA).
However, Felten wasn't alone as many security experts and individuals got in on this fight. Large social media sites also played a role. According to Wikipedia, "Opponents of Sony BMG's actions, including Slashdot and Digg contributors, later accused Sony BMG of violating the privacy of its customers to create a backdoor onto their machine."
In 2006, Felten and graduate students hacked a Dielbold voting machine and then published their security analysis. "Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss."
In 2008, Felten and eight security researchers demonstrated how cold reboot attacks could defeat disk encryption systems such as TrueCrypt, FileVault, BitLocker, and dm-crypt. Their findings proved that RAM continues to store data even after the computer has been turned off. According to Freedom to Tinker, "Our research shows that data in DRAM actually fades out gradually over a period of seconds to minutes, enabling an attacker to read the full contents of memory by cutting power and then rebooting into a malicious operating system."
So he hacks to research security and privacy matters and he isn't shy to share the results even when big names threaten him with legal action if he proceeds. What's not to like? His appointment to the FTC may indeed mean great things for digital privacy such as protecting consumers and their privacy. Starting on January 1, 2011, Dr. Felten will be taking a leave from Princeton and advising the FTC on technology policy issues.